Keynote: Safety, Security, Safety and C / C++ - C++ Evolution - Herb Sutter - ACCU 2024

Подписаться 16 тыс.

Просмотров 13 тыс.

50% 1

ACCU Membership: tinyurl.com/yd...
---
Keynote: Safety, Security, Safety[sic] and C/C++[sic] - C++ Evolution - Herb Sutter - ACCU 2024
---
As the world’s threats and dangers evolve, so too must our tools. Sometimes a tool can evolve sufficiently to be useful in a new environment. Other times, a tool has to be used less or exchanged for a different one.
This talk addresses several questions:
- Why does the title say “safety” twice?
- Why is “C/C++” an essential term to embrace, not avoid?
- Is distinguishing “C vs C++” a True Scotsman problem?
- What is recognizably “C++” as C++ continues to evolve?
- Why hope for major improvement in C, C++, and C/C++?
Finally, the talk will also cover a few other updates about other C++ evolution (including reflection!) and from my personal ongoing experiment with my cppfront compiler.
Slides: accu.org/conf-...
Sponsored By think-cell
---
Herb Sutter
Author, chair of the ISO C++ committee, software architect at Microsoft.
---
The ACCU Conference is the annual conference of the ACCU membership, but is open to any and all who wish to attend. The tagline for the ACCU is 'Professionalism in Programming', which captures the whole spectrum of programming languages, tools, techniques and processes involved in advancing our craft. While there remains a core of C and C++ - with many members participating in respective ISO standards bodies - the conference, like the organisation, embraces other language ecosystems and you should expect to see sessions on C#, D, F#, Go, Javascript, Haskell, Java, Kotlin, Lisp, Python, Ruby, Rust, Swift and more.The ACCU Conference is a conference by programmers for programmers about programming.
Discounted rates for members.
ACCU Membership: tinyurl.com/yd...
2024 Program: accu.org/conf-...
accu.org
www.accuconfer...
mastodon.socia...
/ accu-conference
bsky.app/profi...
/ accuorg
/ accuconf
---
RU-vid Videos Filmed, Edited & Optimised by Digital Medium: events.digital...
#accuconf #programming #cplusplus #cpp #cprogramming

Опубликовано:

8 сен 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 39

@Ikkepop Месяц назад

always love Herb's presentations, alot of charisma

@Onyx-it8gk 2 месяца назад

Circle is without a doubt the most promising development for C++. Too many people unfortunately can't set their egos aside to give it the attention it really deserves.

@greenmatrix5303 Месяц назад

I don't follow. Why are you talking about Circle? What does that have to do with cppfront?

@AntiProtonBoy Месяц назад

Less to do with ego and more to do with tooling support, the effort to migrate and established ecosystems.

@szaszm_ 21 день назад

There have always been plenty of challenging competitors to C++ that failed over time. It's not an ego thing to be skeptical of the next big thing, especially if there are half a dozen competing candidates for just that. Circle is not even open source.

@tomkirbygreen 2 месяца назад

Really enjoyed this Herb, thank you!

@dascandy Месяц назад

No, Herb, @1:07:00 std::regex is horrendously bad in so many ways the best we can recommend is "do not use, ever". I have a draft paper to mark it as "deprecated, please do literally anything else". Do you want that submitted?

@Dominik-K 2 месяца назад

This talk is highly interesting, very good points

@mc4ndr3 2 месяца назад

When has Stroustrup ever agreed to break backwards compatibility in the name of basic safety or security guarantees? He doesn't even support a builtin package manager. Rather than wait a century for reasonably high quality defaults, adopt a modern systems language. Even Go can do the job for the vast majority of applications.

@peramoredellanalisi4341 Месяц назад

What bothers you exactly?

@szaszm_ 21 день назад

Go binaries are huge, and Go has a GC and green threads that add overhead when you don't use them.

@driedurchin 21 день назад

Herb always gives such a good perspective. I don't agree with his approach of cppfront, but nonetheless I think his metaphor about the door really drove home the point of needing a holistic approach to security.

@oconnor663 6 дней назад

15m15s: "Rust unsafe gives you access to 5 or 6 of the knives. We want all the knives." I'm not sure what Herb is referring to that unsafe Rust can't do. He might have heard that adding unsafe doesn't magically make your code compile, and that's true, but raw pointers can do anything (transmutes, lifetime extensions, data races, etc.) once you know the syntax and some relevant helper functions/types. The usual suspects like volatile, atomics, and inline assembly are all there. Herb, I don't imagine you read these comments, but I would be thrilled to give you a Rust crash course of any length you like. I think taking some time to seriously study Rust and get good at it would be a valuable investment for the future of C++.

@markramirez3920 Месяц назад

Developers just can not instantly migrate all software from C/C++ to other P.L.s just because "it's safer", we need to add features and best practices for existing and new C/C++ safe software ...

@dariuszantoniuk Месяц назад

Great talk, finally we can see Herb come to terms with what needs to be done to fix the issues. What's sad is that all of this took 5 years of denial, hostility towards people pointing out the problems, manipulating definitions, etc. Finally the need to catch up with Rust's state of the art safety support is acknowledged and the plan is somewhat plausible.

@josephlunderville3195 23 дня назад

This isn't new, Herb has been working on cppfront -- i.e. a new, safer syntax for C++ -- since at least 2021. None of this talk represents a recent change in attitude that I've seen.

@dariuszantoniuk 17 дней назад

@@josephlunderville3195 Herb's efforts to fix syntax issues aren't new, yes. Herb's acknowledgement of rust being the state of the art is new.

@Johnkank 23 дня назад

I really hope cppfront takes off. C++ focus shouldn't be about fixing it's bugs and errors. It should transform itself into a different paradigm. It's a language of the engineers, not developers. It should provide a base platform to add more derivatives and variants like circle and yet be able to program simply like typescript.

@krumbergify 2 месяца назад

Great talk as always! Question: With so many copyright holders, will you be able to change the license of Cppfront to a free license?

@Roibarkan 2 месяца назад

I believe the license is creative-commons

@krumbergify 2 месяца назад

@@RoibarkanYes, but using NC (non-commercial) and ND (no derivations). This means cppfront can’t be included by default in any GNU/Linux-distribution, no company can use it and those contributors Herb celebrates are technically not even allowed to provide pull requests since that involves modifying the sources. Because of that it is hard to take cppfront seriously until Herb switches to a free license.

@mc4ndr3 2 месяца назад

Rust is imperfect. However, rewriting in Rust provides a direct path to safety. If performance is still an issue, rewrite in Verilog.

@Onyx-it8gk 2 месяца назад

@@mc4ndr3 Rewriting everything in Rust is not at all a realistic solution. I mean, heck, so much infrastructure still runs on COBOL. Given the state of C++, I don't recommend starting any new projects with it. In that case I would instead use Rust.

@aaronfleisher4694 19 дней назад

🤣

@AdrianMNegreanu 2 месяца назад

just adopt Circle as c++2x

@jaycarlson2579 Месяц назад

I am supper impressed with the improvement of C++Front

@Roibarkan 2 месяца назад

16:15 JF Bastien’s talk from CppNow 2023: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-Gh79wcGJdTg.html

@rationalcoder 27 дней назад

9:28: "There would be no reason, by definition, to recommend people switch to another language. This is the problem." Interesting take. Certainly not by definition. I would still want to switch off of C++ even if it became more memory safe.

@gast128 Месяц назад

I would have expected some concrete examples of not secure C++ code. Bounds checking could be enforced in a profile by banning operator[] and requiring 'at'. This will cost some performance though (i.e. suppresses compiler optimization). From the past I know that regex are expansive to create. Perhaps also to execute compared to a simple search.

@driedurchin 22 дня назад

A lot of compilers are able to see through .at and still produce optimized code IIRC

@Voy2378 26 дней назад

20 years too late... cppcon deleted my comment on their channel for a similar talk, hope ACCU is more tolerant of truth.

@MarcEspie 3 месяца назад

one big question is, why is C++ default regexp so slow compared to perl ?...

@lorandpetok6044 2 месяца назад

From what I've heard the limitations are caused by abi backwards compatibility.

@freak82music 2 месяца назад

The reason, that I know and is mostly cited in the community, is that they did some "bad" decisions in the implementation but now they can't change it because this will be ABI breakage.